Default Password Vulnerability in Avantra Software by Syslink
CVE-2026-8672

5.1MEDIUM

Key Information:

Vendor: Syslink Software Ag
Status: Avantra
Vendor: CVE Published:; 22 May 2026

🔔 Create Syslink Software Ag Vulnerability Alert

What is CVE-2026-8672?

A security vulnerability exists in Syslink's Avantra software that allows attackers to exploit default and commonly used usernames and passwords. This poses significant risks as unauthorized users may gain access to sensitive data and functionalities. Organizations using Avantra software should ensure that they are running a version newer than 25.3.0 to mitigate this vulnerability effectively.

Affected Version(s)

Avantra Linux 0 < 25.3.0

References

https://support.avantra.com/hc/en-us/articles/5535551609759

vendor-advisory

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 22, 2026
Vulnerability Reserved
May 15, 2026

Credit

Vicxer Inc.

CVE-2026-8672 Data

JSON